AdamLocker Ransomware

Have you faced a window named “Adam Locker?” If you have, the malicious AdamLocker Ransomware must have invaded your Windows operating system. This devious ransomware spreads just like most other threats of its kind (including DeriaLock Ransomware or KoKo Locker Ransomware), via spam emails. The distributor of this malicious infection adds the .exe file that is meant to launch the threat to a misleading email that you are likely to open without even suspecting a threat. Once the file is opened, the ransomware wastes no time. Right away, a copy of the executable is placed in %ALLUSERSPROFILE% (should be named “run.exe”), and registry keys are created. Although the threat does not create a point of execution, it creates registry keys for the “.adam” file association (all files encrypted by this threat will have the “.adam” extension attached to them). Because of this, the main .exe file is launched every time you try to open the corrupted file. If you want to learn more, including how to remove AdamLocker Ransomware, you need to continue reading.

When AdamLocker Ransomware slithers in, it immediately starts encrypting your personal files. Though the ransom note represented via the Adam Locker window suggests that ransom documents and files are encrypted by the threat, in reality, it appears that the infection specifically encrypts your personal files found under %USERPROFILE%. Hopefully, you store your personal files elsewhere, and the damage caused by this malware is not that bad. In fact, you might escape the situation unscathed even if the malicious AdamLocker Ransomware has encrypted your most sensitive files. According to our research, the current version of this malicious ransomware does not lock your files permanently, and it works in a very unique manner. When you click the “Open” button represented via the ransom note, your default browser opens an adf.ly link with advertisements. If you wait a few seconds, you are then redirected to a different page, and this one holds a decryption key. All you need to do is copy this key and then paste it into the “Decrypt” box on the main window. Your files should be decrypted afterward. Unfortunately, it is most likely that cyber criminals are testing their creation, and a much more aggressive version could be released in the future.

In case you have encountered the version of this ransomware that demands a ransom from you, you have to think very carefully about what you should do. Although, in most cases, it is impossible to get decryption keys without paying the ransom, you need to think about the possibility of being scammed. Cyber criminals can get away with not providing you with a decryption key even if they get your payment successfully. Hopefully, this is not a conundrum you have to solve when facing AdamLocker Ransomware, but keep in mind that there are thousands of ransomware infections that can easily encrypt your personal files for good. This is the perfect time to remind you that backing up your personal files is extremely important. If you take care of this now, you will not lose your files even if a more aggressive ransomware manages to slither in. Obviously, we hope that the entrance of AdamLocker Ransomware acts as a wakeup call for you, and you realize that you need to employ trusted security software to ensure that your operating system is not infected with malware again.

Have you noticed that AdamLocker Ransomware has disabled the Task Manager? Do not worry about this too much. This ransomware messes with the Task Manager via Windows Registry, and you can easily fix this issue by deleting one registry entry. This is one of the tasks you need to undertake to have AdamLocker Ransomware deleted from your operating system manually. If you are not up for the challenge, you can also install anti-malware software, and we strongly support this option. First of all, the ransomware might run on your PC along with other threats, and a legitimate anti-malware tool can take care of all of them at the same time. Secondly, you need the protection against all other threats that exist. If you continue with manual removal, do not forget that you need to take care of your system’s protection.